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Amendments to the Specification: 



Please replace paragraph [0058] with the following 
rewritten paragraph: 



illustrates a method for applying credential evaluation 
policies in accordance with one embodiment of the present 
invention is presented. Figure 12 provides more detail for 
reference numeral 1110 of FIG. 11. As discussed above, the 
unique identifying information of a credential may be stored 
separately from the rest of the credential data. Thus, at 
12 00 a determination is made regarding whether credential 
data is included in the credential. If credential data is 
not included in the credential, the credential data is 
obtained at 1205. If credential data is included in the 
credential, a determination is made at 1210 regarding; 
whether all embedded credentials that are needed are 
included in the credential. If not all. such credentials are 
included, the needed credentials are obtained at 1215. If 
all needed credentials are included, a determination is made 
at 122 0 regarding whether any data in the credential must be 
unsealed. The credential data to be unsealed may include 
nested credential data. If data must be unsealed, it is 
unsealed at 1225. If no data needs to be unsealed, at 1230 
a determination is made regarding whether the credential 
data is valid. If the data is invalid, the process ends 
with a failure indication at 1240 1245 . If the data is 
valid, the process ends successfully at 1240. 

Please replace paragraph [0071] with the following 
rewritten paragraph: 



illustrates assigning multiple sets of user data for 
identities in accordance with one embodiment of the present 



[0058] 



Turning now to FIG. 12, a flow diagram that 
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[0071] 



Turning now to FIG. 17, a block diagram that 
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invention is presented. As shown in FIG. 17, the user data 
1704- 1720 1721 is stored in secure user data storage 1702. 
Secure user data storage 1702 is controlled by a user (user- 
controlled) . The user data 1704- 1720 1721 may include 
encrypted data and/or authenticated data. Secure user data 
storage 1702 may comprise a portable device such as a cell 
phone, PDA or smart card or the like. Secure user data 
storage 1702 may also comprise a file on a Web server or 
other computer. 

Please replace paragraph [0087] with the following 
rewritten paragraph: 

[0087] Turning now to FIG. 24, a block diagram that 

illustrates assigning multiple credentials for 
identities in accordance with one embodiment of the 
present invention is presented. Figure 24 is similar 
to FIG. 17, except that service credentials 2404- 
; 2420 2421 are stored in the secure device 24 02. in 
other words, the service credentials 2404- 2 4 20 2421 of 
FIG. 24 are based upon and contain, directly or 
indirectly, the user data 1704- 1720 1721 of FIG. 17. 



GUNNISON. McKAY & 

HODGSON, L.L.P. 
Garden West Office Plaza 
1900 Garden Road, Suite 220 
Monterey, CA 93940 

(831)655-0880 
Fax (831)655-0888 



Page 3 of 63 



